We just raised a $30M Series A: Read our story

Symantec Data Loss Prevention OverviewUNIXBusinessApplication

Symantec Data Loss Prevention is the #2 ranked solution in our list of top Data Loss Prevention (DLP) tools. It is most often compared to Endpoint Protector: Symantec Data Loss Prevention vs Endpoint Protector

What is Symantec Data Loss Prevention?

Keeping sensitive corporate information safe and compliant has never been easy. But today, you’re faced with a totally new set of data protection challenges. Sensitive information is leaving the safety of your corporate network as more employees share files over consumer cloud storage services and access those files on their own mobile devices. The number of targeted cyber attacks continues to grow, as cybercriminals develop effective new methods for defeating traditional security measures and stealing corporate information. And as all of these factors converge, it becomes increasingly difficult to manage corporate information and protect it against loss and theft. 

Symantec Data Loss Prevention (DLP) provides a comprehensive approach to information protection that embraces today’s cloud- and mobile-centered realities. With DLP, you can:

• Discover where data is stored across all of your cloud, mobile, network, endpoint, and storage systems

• Monitor how data is being used, whether your employees are on or off the network

• Protect data from being leaked or stolen—no matter where it’s stored or how it’s used

Symantec Data Loss Prevention is also known as Symantec DLP.

Symantec Data Loss Prevention Buyer's Guide

Download the Symantec Data Loss Prevention Buyer's Guide including reviews and more. Updated: October 2021

Symantec Data Loss Prevention Customers

Hadassah University Hospital, Her Majestys Government (HMG), United Kingdom, Hitachi Consulting Software Services India Pvt Ltd., Hua Nan Bank, Hyundai Department Store Group,
JW Marriott Hotel Seoul, Lake Health, McCann Erickson Israel, Molina Healthcare Inc., PGi, Quilvest Switzerland Limited, State of Nevada Public Employees Benefits Program, Symantec Corporation (Enterprise Security), The Royal Liverpool and Broadgreen University Hospitals NHS Trust, The Royal Liverpool and Broadgreen University Hospitals NHS Trust (DLP), The Saudi Industrial Property Authority, TSO cloud, Visa, Yunnan Power Grid Company

Symantec Data Loss Prevention Video

Archived Symantec Data Loss Prevention Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Mahmoud Hussein
Private Security Consultant at a tech services company with 11-50 employees
MSP
Good endpoint security and network discovery, but implementation can be difficult

What is our primary use case?

I am a consultant, and this is one of the solutions that I help to implement for my customers.

What is most valuable?

The most valuable feature of this solution is endpoint security. The network discovery is very helpful.

What needs improvement?

This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.

For how long have I used the solution?

I have been using this solution for about three years.

What do I think about the stability of the solution?

This solution is very stable.

What do I think about the scalability of the solution?

This is a very scalable solution.

How are customer service and

What is our primary use case?

I am a consultant, and this is one of the solutions that I help to implement for my customers.

What is most valuable?

The most valuable feature of this solution is endpoint security.

The network discovery is very helpful.

What needs improvement?

This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.

For how long have I used the solution?

I have been using this solution for about three years.

What do I think about the stability of the solution?

This solution is very stable.

What do I think about the scalability of the solution?

This is a very scalable solution.

How are customer service and technical support?

The technical support for this solution is very good.

How was the initial setup?

The complexity of the initial setup depends on the requirements, but most of the time it is very difficult to implement.

What other advice do I have?

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
TN
‎Head: Group Legal at Optiflex
Real User
Enables us to see people who are accessing or try to access information they are not supposed to be accessing based on their level of classification

Pros and Cons

  • "I'm able to track everyone who is trying to send information outside the environment and to know if they are not supposed to be sending it. I'm also able to see the people who are accessing or maybe try to access the information they are not supposed to be accessing based on their level of classification. It gives me overall control of who has got access to what and at what point. And who can do what with specific information."
  • "In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side."

What is our primary use case?

We primarily use the solution for the endpoint machines within the environment.

What is most valuable?

I'm able to track everyone who is trying to send information outside the environment and to know if they are not supposed to be sending it. I'm also able to see the people who are accessing or maybe try to access the information they are not supposed to be accessing based on their level of classification.

It gives me overall control of who has got access to what and at what point and who can do what with specific information.

What needs improvement?

The backend side of the server needs improvement.

In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is quite stable, especially when you run it on a Linux platform and when you code it and set it end-to-end on a Windows machine.

What do I think about the scalability of the solution?

I've never had any issues around scalability, mostly because of the environment I'm running on. We have about 50 users on the solution currently. 

It's used quite extensively in our environment as a security cluster, but going forward I don't think we will be adding more people to the environment. It's a minimized environment, so there's a limit to the number of people that are allowed to work with it.

How are customer service and technical support?

We've never had an issue outside our capabilities, so we've never had to contact technical support.

Which solution did I use previously and why did I switch?

I previously used McAfee DLP at a different company. I'm not sure what my current organization used previously.

How was the initial setup?

The initial setup of the solution was straightforward. It took us less than a week to make sure that we created all the rules. 

The setup itself it took less than two hours. However, applying all the rules and the configurations, and all the different qualities took longer. It total, everything took close to a week.

We only need two people for deployment and maintenance.

What about the implementation team?

We implemented the solution ourselves.

What's my experience with pricing, setup cost, and licensing?

Licensing depends on how you plan your deployment. If you have carefully planned it and you've already looked at the storage capacity and how it's going to grow over a period of two to five years, then you'll hardly have any problems or issues. If you have not planned it correctly then you might run into some issues.

What other advice do I have?

We are using the on-premises deployment model.

I would advise others that the solution does need careful planning before attempting an implementation.

I would rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Symantec Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,823 professionals have used our research since 2012.
it_user840159
IT Security Engineer at a tech services company with 1-10 employees
Real User
Endpoint modules provide us the protection we need

Pros and Cons

  • "The features I like most about this solution is the endpoint modules because it gives us the protection we need."
  • "I do have a problem with the database."

What is our primary use case?

Our primary use case for this solution is to protect data from being stolen from the company. It protects and monitors data that moves out without us knowing about it. 

What is most valuable?

The features I like most about this solution is the endpoint modules because it gives us the protection we need. 

What needs improvement?

I do have a problem with the database. It uses the Oracle database and sometimes this causes some problems. I would prefer it to use the MS SQL database because it has a more stable connection than the Symantec database.

For how long have I used the solution?

I've been using this solution for a year and six months now.

What do I think about the stability of the solution?

I think it is very stable. The only problem is the Oracle database where the connection sometimes works through the enforce server. But other than that it's very stable.

What do I think about the scalability of the solution?

The scalability is good because some of the environments we are implementing it in, has 7,000 users. Others have 1,000 users. So it all depends. My job is only to implement it and enforce the policies at the customer.

How are customer service and technical support?

The technical support is perfect. If there is any problem or if anything goes wrong, the technical support team answers me immediately and they solve the problem, so it's a very good technical support team.

Which solution did I use previously and why did I switch?

I used Forcepoint DB and the McAfee DB. I implement all of them, so I didn't switch.

How was the initial setup?

The initial setup was not complex and it was very easy to install the Symantec database. It comes with a guide that explains every small step in detail. The deployment took about two to three days. However, if you install all the modules, it may take up to two weeks.

What about the implementation team?

I am an integrator for this solution and I work mostly alone.

Which other solutions did I evaluate?

I compared this solution with Cisco Stealthwatch. And I work on solutions like Forcepoint DP too. But I prefer Symantec DLP and I usually recommend this solution first when a client asks about the different options. It is, however, the more expensive option. So if the client's budget doesn't allow it, I recommend Forcepoint.

What other advice do I have?

I would recommend others to read the manual carefully before they start implementing it because it explains every small detail on how it works. 

I will rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Shayanthan Karunaharan
Engineer - Information Security at a tech services company with 11-50 employees
Reseller
Enables us to create policies to control sensitive company data

Pros and Cons

  • "They have a feature on the management side called the document indexer. Let's say you have a unique document with many near identical versions, which have one or several values that change, while the rest of the content stays the same. You can collect 50 of those documents and put them into this feature of the Symantec DLP system. It will compress them and create a profile specifically for that document."
  • "That fine tuning has to be done for the customer as well as the vendor. So if I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product."

What is our primary use case?

The primary use case is for handling confidential data, such as customer data, employee data, and IT confidential information. We used this solution in some contracting work. We classify the data by assigning each division user their own classification, e.g., confidential, restricted, internal, or public. According to the data we get from the customer, we find fairly unique keywords and common words from the data and we put it on the Symantec DLP engine as a use case or policy. If, for example, the content or classified files cannot leave the organization, I can turn the use case into a policy as keywords mentioning specific data and unique keywords in the documents. This restricts documents from leaving the organization. That's how I create a policy based on the use case.

How has it helped my organization?

Another unique feature which I have found is a solution that we needed for one of our customers. They provided laptops at one of their facilities. Their users had administrator access, but the company cannot control those laptops. They are things, moving outside and inside for technical work. They noticed that their users have personal email accounts through Gmail and they installed Google Drive on their laptops. The problem is when Google Drive synchronizes, most of these company documents have a few admins that sync back up to these personal laptops. 

After deploying Symantec, we created a policy for data loads. We found some confidential files had been backed up to the cloud from their personal laptops. The company documents back up through employees' personal Google Drive. They found it and informed the company, who restricted the application purpose for those employees.

The customer was happy about the solution.

What is most valuable?

They have a feature on the management side called the document indexer. If you have a unique document with many near-identical versions, which have one or several values that change, while the rest of the content stays the same. You can collect 50 of those documents and put them into this feature of the Symantec DLP system. It will compress them and create a profile specifically for that document. 

For example, if you are getting a daily performance report for your company, each report will be completely the same, except some of the numerical values may change. I can collect 50 documents from the last 50 days and put them into the system to compress the documents and create a profile. I can then put this in a policy that will monitor only those documents. If an employee tries to send those documents outside without authorization, the system will block the documents. I have found the data indexer in Symantec, but I didn't find it in McAfee.

What needs improvement?

Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work.

In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics.

That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. 

Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP.

Their user interface and other features are fine as is.

What do I think about the stability of the solution?

It's stable. Currently, we are running on two and a half to almost three months. Up to now, I haven't experienced any system issue at the customer place. I used to go and do some fine tuning in the policies only.

What do I think about the scalability of the solution?

It's scalable. There are three users for this solution at the customer. They are information security engineers. Two are senior and one is just an engineer.

Those users are responsible for the solution and the entire agent count is 800 users. For 800 users endpoints have been installed.

It's fine for now, but I think they are planning to expand the solution to another 500 users by next year.

How are customer service and technical support?

We have experience and most of the time you get very good technical support. In our experience, we only needed support four times for some fine tuning because there is some fine tuning that I cannot do. In those cases, I created a ticket from the support portal and within three or four days they replied. They could typically rectify the issue within one or two weeks. Afterward, they send a report survey for evaluation. 

In short, the technical support is great.

How was the initial setup?

The setup is straightforward. The only complexity comes from the Oracle Database side. Other than that, it is straightforward. It took a half hour to install it. Once you install the manual server, and the detection server on another server you just have to install the alias. I didn't have much problem installing the system.

What about the implementation team?

I installed it myself. Implementation took one day.

I initially checked with the customer how to do their implementation and then I gave them the system requirements. Only then did I go on to staff, once they had given me access to the servers. I only did preliminary planning with technical staff first, then sat down with the customer and planned it more thoroughly.

Only three people take care of this solution from the management side. Externally, there is also a special SI engineer and a travel engineer.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, Symantec DLP works with Oracle Database. Oracle Database licensing is much more expensive than other databases. That might be a drawback for customers.

The pricing is on a yearly subscription basis. For the current customer year, we already paid up front as part of the first three years.

Which other solutions did I evaluate?

We had a partnership with Symantec so we didn't use any other solution because we signed an agreement with them and we started deployment with the customer. We evaluated the system with the customer and once the customer confirmed that we should secure Symantec DLP we deployed the solution.

What other advice do I have?

My advice is that the DLP solution is the emerging platform in the world at the moment. First, we had to get some idea on how data works at the customers: data in motion, data in rest, data traveling, etc. Typically data travels through emails from the endpoint by USB, email and CD writing it to a CD or copying it to a network share or from a network share. Those are what you need to know before starting the day of implementation. How this data travels inside and outside the environment.

I would rate this solution as nine out of ten, because they are a leader, competing with some other vendors, providing updates, releasing new versions, and providing technical improvements on their side. I would say it's fine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
HX
Systems Architecture Engineer at a tech vendor with 1,001-5,000 employees
Real User
Stable solution that keeps our client's data protected

Pros and Cons

  • "The product is very stable."
  • "Virtualization is not currently supported."

What is our primary use case?

We use this to protect our client's data. They are China Mobile, China Unicom, and China Telecom.

How has it helped my organization?

When our Oracle database is corrupted, we have the ability to restore the data. This helps a lot.

What is most valuable?

The most valuable feature for us is the ability to backup our database, and restore it if necessary.

What needs improvement?

This product should be integrated with virtualization technology and work with other applications.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

The stability of this product is good. I would rate it as very stable.

What do I think about the scalability of the solution?

I feel that the scalability is good, but the virtualization could be improved. We only have one or two people that use the software. 

Which solution did I use previously and why did I switch?

This is our original solution. The product was included on our servers that were shipped directly from HP and IBM.

How was the initial setup?

The initial setup was done by our experienced engineer. The setup is not difficult and one or two hours is enough to complete it.

What about the implementation team?

Our in-house engineer handled the implementation.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing for this product is good.

Which other solutions did I evaluate?

We considered other data loss prevention business products, including the Dell EMC backup solution.

What other advice do I have?

We are actively looking for a product that handles virtualization easily and efficiently. We would like to see support for virtual environments.

I would rate this product an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
KN
Principal Consultant at Design Consulting Inc
Consultant
The synchronize application detection policies have been very good, but we want a more proactive reporting structure

Pros and Cons

  • "The synchronize application detection policies have been very good."
  • "We want a more proactive reporting structure."

What is our primary use case?

We are only using the security part of it.

We are solution providers. We suggest this solution to our clients for data loss prevention. It also can prevent Trojan and virus attacks on data centers.

What is most valuable?

The synchronize application detection policies have been very good. We are able to use it with the cloud service connectors and manage it on the cloud.

What needs improvement?

We want a more proactive reporting structure.

Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases.

There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is at 85 to 90 percent.

We have two people looking after the maintenance and two people monitoring the endpoints.

What do I think about the scalability of the solution?

We have between 150 to 200 users on any one client. Overall, we have approximately 2000 users.

How are customer service and technical support?

We share feedback regularly with the Symantec technical support team. They provide us feedback and patches based on the reports (client specific) that we send them.

Which solution did I use previously and why did I switch?

We did not have a solution previous to Symantec.

How was the initial setup?

The initial setup is not very complex. You just have to run it from the configuration spreadsheet. If you follow the applied process, it is fine. If you deviate from the process, then the process can begin to become complex due to lack of understanding. You have to enable all the files based on size and there are some endpoint issues, as well.

It didn't take us very long deploy.

What about the implementation team?

We implemented it in-house since we have people who are certified on Symantec. Before the product is implemented, we send those people over to Symantec. Then, they bring back Symantec's best practices.

We have six to seven Level 2 support people who do the implement part.

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive and not pricey. We also receive corporate discounts.

Which other solutions did I evaluate?

Initially, when checked out quite a few products, like Trend Micro, we found this product to be the most user-friendly.

Right now, their roadmap is not very visible, so we are trying out McAfee. Currently, we are simultaneously running both McAfee and Symantec.

What other advice do I have?

We plan to increase our usage of this type of product since our clientele is increasing in numbers.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Divyang P
Senior Cyber Security Consultant at Infosec Ventures
Reseller
It helps protect and contain our confidential data in our environment

Pros and Cons

  • "We are able to contain our confidential data in our environment."
  • "They could improve the predefined reports because they don't have much information. We would like detailed reports."

What is our primary use case?

The primary use case is to protect the content our data, e.g., if a document is marked as a confidential, it should not suddenly be sent into the Internet via email.

I have been the product for two years.

How has it helped my organization?

We are able to contain our confidential data in our environment. Previously, we had no controls placed on our documentation. 

What is most valuable?

  • The administration part is pretty simple. 
  • Detection is pretty accurate.

What needs improvement?

They could improve the predefined reports because they don't have much information. We would like detailed reports.

If they could include the same features for their mobile device product, like Android and iOS, it would be helpful.

What do I think about the stability of the solution?

It is stable. Maintenance only takes one person.

What do I think about the scalability of the solution?

It is pretty scalable.

We have around 1500 users, which include the accounting department, HR department, and other business units.

How are customer service and technical support?

The technical support is very good.

Which solution did I use previously and why did I switch?

We were not using a solution before Symantec DLP.

How was the initial setup?

The initial setup is complex; it was not a very straightforward implementation.

The deployment took less than two months.

What about the implementation team?

Our implementation strategy was simple. We started the rollout with a few users, then to the documents and emails, and afterwards, the policies. 

We had a local implementation partner who helped us with the implementation. We had a good experience with them.

Deployment took two engineer from our team.

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing are based on per user endpoints.

Which other solutions did I evaluate?

We did not evaluate other solutions.

What other advice do I have?

Determine what data you want to protect before implementing this solution.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Rahul-Ranjan
System Administrator at a tech services company with 1,001-5,000 employees
Real User
Enables us to check attachments and to know what data is being sent

Pros and Cons

  • "One of the most valuable features is that you can check attachments."
  • "We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible."

How has it helped my organization?

Previously, what was happening was that anyone could send any data outside. We now know who is sending what data and where. We can then question them: "Why have you sent that data?"

What is most valuable?

In DLP one of the most valuable features is that you can check attachments. 

In addition, it gives me the data such that, if someone is using a browser and email, I'm able to figure out who is sending the data.

What needs improvement?

Symantec customer support is very bad.

We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible.

Also, if any data at all is going outside of our network and it matches our screening it has to be captured and we should see it detailed properly: Who is sending it, where they're sending it.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability has met our expectations.

What do I think about the scalability of the solution?

I'm not good with the scalability. It's not capturing everything. If someone's trying to send from Gmail to some other browser or if someone is using Safari in a Windows machine, under those conditions it's not captured. 

Which solution did I use previously and why did I switch?

This is the first product of its kind for us. Nobody seemed to know much about this product but we figured out how to use it, and the vendor gave us training, so we have been able to handle it.

How was the initial setup?

The initial setup is a little complex. But once you go through it you get used to it. After using this product it becomes easy to handle, easy to understand. Our deployment took about two months for 2,000 users. 

Our strategy was simple. I needed to implement it for every user so that we could monitor any data.

What about the implementation team?

We used the vendor's support and it was nice working with them. They helped a lot when it came to the deployment.

What's my experience with pricing, setup cost, and licensing?

I wasn't involved in the pricing negotiations but from what I know the pricing is good, it's not too expensive. If you negotiate you can get a good price.

Which other solutions did I evaluate?

We evaluated multiple solutions, such as McAfee.

What other advice do I have?

We have around 1,500 users in HR, admin, the finance department, and IT. For maintenance of the solution we have two people. It's covering all users at the moment so there are no plans to increase usage.

I rate the solution at eight out of ten. It is fulfilling our requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
ITSM & AntiFraud Consultant with 51-200 employees
Consultant
Data Insight helps clients gain visibility over data usage, ownership and permissions.

Pros and Cons

  • "The Network Monitor component is the most advanced on the market. Combined with the other Network DLP components."
  • "The Symantec DLP solution is very complex, and installation requires many components."

What is most valuable?

The Network Monitor component is the most advanced on the market. Combined with the other Network DLP components (Prevent for Web, Prevent for Email, Discover and Prevent), Symantec offers one of the best network DLP solutions in the market. Another component that is very valuable from my point of view is the Data Insight component that allows the client to have full visibility into the company data.

How has it helped my organization?

Data Insight is a very good component that steps outside the standard DLP functions, but helps the client to gain visibility over the data usage, ownership and permissions.

What needs improvement?

The Symantec DLP solution is very complex, and installation requires many components. Also, Oracle is only the DB used by Symantec.

For how long have I used the solution?

I have experience with Symantec DLP since 2013.

What was my experience with deployment of the solution?

Sometimes the Oracle instance need to be restarted, when using full Windows deployment.

What do I think about the stability of the solution?

When in a heavy-usage environment, you can have some latency problems when the DLP management page loads. If the problem persists and the loading time is too high, you should restart the service. Usually, this behavior is very rare and I saw it on the Windows implementation.

What do I think about the scalability of the solution?

When implementing the DLP solution, we use the Symantec sizing guide, and we use the recommended configuration. The Symantec DLP license is per user, so it's hard to have issues with scalability

How is customer service and technical support?

Customer Service:

Usually, we use the local distributor team for issues and they are very OK. When needed, we opened cases at Symantec support, and it was a pretty decent relationship. Some clients complained that they didn't fulfill the request very fast.Starting again this year we have a local vendor presence and that helps us in front of the clients.

Technical Support:

Symantec L3 technical support technicians are very good.

How was the initial setup?

Initial setup is straightforward, as you use the same installation kit, and you choose which component to install.

What's my experience with pricing, setup cost, and licensing?

Symantec only sells the DLP software. When you buy, it you should budget the server licenses, the storage and the hardware. Scale your implementation when you have your exact number of the monitored users. Be prepared to extend the resources if you increase the number of users. The Oracle DB is licensed for use only with Symantec.

If you are a small firm with less than 150 users, Symantec can be too pricey.

Which other solutions did I evaluate?

We also evaluated McAfee DLP, WebSense (Forcepoint) DLP, and Digital Guardian.

What other advice do I have?

We are a system integration firm, and we also sell McAfee DLP and WebSense DLP (Forcepoint).

Disclosure: My company has a business relationship with this vendor other than being a customer: I am working for a system integrator and I have experience with other vendors.
it_user406974
Chief Cyber Strategist with 1,001-5,000 employees
Vendor
Detects percentages of interrogate words within documents. Finds leaks of documents and restricted controlled information.

What is most valuable?

  • Detects the percentages of text and interrogate words within documents and emails.
  • Finds leaks of documents and restricted controlled information.

How has it helped my organization?

We use it to discover unacceptable employee behavior, such as threats and bullying. It helps us identify insider threats.

What needs improvement?

I would like to see a reduction in false positives.

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

There haven’t been stability issues with the product. There have been stability issues with the user community when trying to embargo documents.

What do I think about the scalability of the solution?

There were no scalability issues other than some impact on sending large documents when tracking content for restricted data.

How is customer service and technical support?

The technical support has been excellent. We had DLP engineers on site.

How was the initial setup?

The installation was pretty straightforward. We had to adjust for policy allowances. Once the user community gained some experience, we were able to expand the scope.

What's my experience with pricing, setup cost, and licensing?

I have no real comment as we had an enterprise license. Make sure you cover all users and plan growth metrics.

Which other solutions did I evaluate?

We evaluated alternative solutions, but I can't recall which ones. We had an enterprise license and the product integrated with the SIEM well. There was little reason to go outside of the existing contracts.

What other advice do I have?

Take the following steps:

  1. Go to monitoring for 90 days.
  2. Start to reduce the allowed events. Start at 100 and reduce by 20 per month.
  3. Communicate any failures. (Allow for application changes, as legacy apps may be guilty of data transfer that is embedded in the architecture/file transfer.)
Disclosure: My company has a business relationship with this vendor other than being a customer: I have moved on from the USPS and Salient CRGT. I was in a teaming relationship. I did not use the product internally.
it_user1194
Head of Infrastructure at a tech services company with 501-1,000 employees
Consultant
Best in class data loss and prevention software, requires tuning for the document classification mechanisms.

Valuable Features:

1) Keeps monitoring data and protects sensitive information on computers. 2) One of the very few DLP tools with machine learning capabilities that easily classifies various documents and takes care of many administrative chores. 3) With the help of the above technology, DLP is able to greatly reduce the number of false alarms. 4) Supports various types of encryption mechanisms. 5) Now available for tablets as well. 6) Has support for blocking of data copying to removable media.

Room for Improvement:

1) Use of machine learning algorithm is good when it comes to automate the administrative chores. However, this feature is still unstable and sometimes the document classifier fails to properly classify even a similar looking document, thereby putting the document in a wrong group. 2) The feature of blocking the copying of sensitive data to removable media puts the responsibility on the end user, for correctly identifying the sensitive docs and enforcing the right policies. 3) Should have a feature to completely block USB ports. 4) Detecting P2P communication using ports is not that useful and requires a signature based engine to detect and block peer-to-peer traffic, irrespective of ports used.

Other Advice:

Automated monitoring of sensitive data is a much needed feature. However, the machine learning algorithms that wrongly classify documents is a major problem, when it comes to applying security policies based on document categories. A good feature is the blocking of sensitive data copying to removable storage. DLP is specifically targeted for mid and large enterprises.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Data Loss Prevention (DLP)
Buyer's Guide
Download our free Symantec Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.